Here's an overview of some of last week's most interesting news, reviews, articles and interviews:

NSA hacking and spying on EU officials
The German Der Spiegel published a report based on a document leaked by NSA whistleblower Edward Snowden that show that the US has been spying on EU officials both in America and Europe.

Android hack tool harvests info from PCs
Stealing information is a piece of cake if you can manage to get malware on the target's Windows computer, but did you know that it can also be as easy as connecting your Android device to it and running an app?

Teaching a computer to play Memory advances security
Computer science researchers have programmed a computer to play the game Concentration (also known as Memory). The work could help improve computer security – and improve our understanding of how the human mind works.

Current cybercrime market is all about Cybercrime-as-a-Service
The cybercrime market is constantly evolving, and it is currently full of knowledgeable individuals who have focused on their core competencies to offer services to those who have not the skills, patience or time to make what they want or need for their criminal exploits.

Twitter underground economy still going strong
The Twitter underground economy and the fake social account market as a whole continues to gain momentum, and the financial motivations of this multimillion-dollar business remain clear.

Jon Callas on privacy in the modern age
In this interview, Jon Callas, co-founder of PGP and current CTO at Silent Circle, discusses the global erosion of privacy and the importance of confidentiality. He tackles the challenges of retaining secrecy on the Internet, privacy legislation, as well as issues encountered while developing Silent Circle.

Litecoin-stealing Trojan found
ESET researchers have unearthed a new Trojan that targets Litecoins - a peer-to-peer crypto currency inspired by and technically nearly identical to Bitcoin.

Information Security Risk Assessment Toolkit
It is a truth universally acknowledged that in order to know what company IT assets you should protect and how, you need to first perform a risk assessment. But how do to go about it? This book will tell you everything you need to know and do to perform this feat.

Android bug allows app code change without breaking signatures
Researchers from Bluebox Security have discovered a critical Android flaw that allows attackers to modify the code of any app without breaking its cryptographic signature, and thusly allows them to stealthily plant malicious apps on legitimate app stores and users' phones.

EU Parliament to launch inquiry into US surveillance programs
European Parliament's Civil Liberties Committee will conduct an "in-depth inquiry" into the US surveillance programs, including the bugging of EU premises and other spying allegations, and present its results by the end of this year, says a resolution passed by the full House on Thursday.

Critical Cryptocat group chat bug fixed
The vulnerability was discovered by a volunteer named Steve Thomas a few weeks ago, and allowed any conversations had over Cryptocat’s group chat function between versions 2.0 and 2.0.42 to be easily cracked via a brute force attack.

EU adopts stricter penalties for cyber criminals
Cyber criminals will face tougher penalties in the EU, under new rules adopted by Parliament on Thursday. The draft directive, already informally agreed with member states, also aims to facilitate prevention and to boost police and judicial cooperation in this field. In the event of a cyber attack, EU countries will have to respond to urgent requests for help within eight hours.

Spotlight

35 percent of employees would sell information on company patents, financial records and customer credit card details if the price was right. This illustrates the growing importance for organizations to deploy data loss prevention strategies.

Sun Tzu's writings have been studied throughout the ages by professional militaries and can used to not only answer the question of whether or not we are in a cyberwar, but how one can fight a cyber-battle.

Infosec consultant Paul Moore came up with a working solution to thwart a type of behavioral profiling. The result is a Chrome extension called Keyboard Privacy, which prevents profiling of users by the way they type by randomizing the rate at which characters reach the DOM.

There is still way too much apathy when it comes to data-centric security. Given the sensitive data the OPM was tasked with protecting, it should have had state-of-the-art data protection, but instead it has become the poster child for IT security neglect.